You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@sqoop.apache.org by Jarek Jarcec Cecho <ja...@apache.org> on 2014/05/07 17:43:33 UTC
Re: Sqoop password expose
Hi Santosh,
what logs are you referring to? Sqoop never ever printed out password into it's logs.
There were however few instances where the password was available in the past by exploring other means, such as:
* Mapreduce job.xml object - this got removed in 1.4.4 via SQOOP-914
* Oozie logs - this can be bypassed by using --password-file option that has been added in 1.4.4 again via SQOOP-914
Don't hesitate and let us know if you see another instance where the password is available!
Jarcec
On Mon, Apr 14, 2014 at 09:41:13PM +0800, Santosh Achhra wrote:
> Hello wonderful Sqoop Team,
>
> I understand that SQOOP 2 has feature to encrypt passwords however at my
> workplace we won't be using Sqoop 2 for at least sometime. As Sqoop
> exposes clear username and password in the job logs, our security team is
> not allowing us to use Sqoop. I was thinking if there is a way to remove
> the username and password from the log after data load to HDFS completes.
> Can it be done ? or any other better method?
>
> Good wishes,always !
> Santosh